This idea was intiated as a mechanism to provide the committeess with a "line" to the board. It has evolved, however, into a percieved "veto" option for the board. Instead, I recommend we implement a "requirement" for the Global Committee chair to present their committee progress to the Board during the meetings. This moves the requirement of participation from the Board and provides the Committee an opportunity to present items that require vote. Board members should be allowed to participate as a committee member, but should not be considered a committee chair or looked to as a committee member who has privelages above other committee members.

These three committees have initiatives for 2011 as defined during the summit. These initiatives will require many "tasks" that are time consuming and will require uninterrupted hours to complete. I would like the committee chair to "approve" the selection. These contracted staff will be supervised by me, the Operations Director. Tasks managed and outcomes tracked as directed by the committee chairs.

Is the OWASP Board going to continue working on the Core Values, Core Purpose, and so on, or is this going to be assigned to the Global Committee Chairs to finish?

+

−

* '''OWASP/First Relationship'''

+

*'''OWASP/First Relationship'''

[https://lists.owasp.org/pipermail/owasp-board/attachments/20110217/86057c8d/attachment-0001.pdf Partnership agreement] between OWASP and FIRST. Already has the concurrence of the GCC

[https://lists.owasp.org/pipermail/owasp-board/attachments/20110217/86057c8d/attachment-0001.pdf Partnership agreement] between OWASP and FIRST. Already has the concurrence of the GCC

+

* ''' Conference Profit Sharing Model'''

* ''' Conference Profit Sharing Model'''

Line 54:

Line 55:

''In short, the GCC recommends to the board that this funding stream be placed under the GCC budget as originally requested in the amount of $10,000.''

''In short, the GCC recommends to the board that this funding stream be placed under the GCC budget as originally requested in the amount of $10,000.''

−

* '''Projects Committee 2011 Budget Proposal'''

−

The projects committee has drafted a [https://docs.google.com/a/owasp.org/document/d/11HjbUeJxyRbQ4Jg6Wg7LceMZox0wz3Fz-LUwjfam5eg/edit?hl=en detailed budget] proposal to support four (4) GPC initiatives. For each initiative, the budget outlines projected estimates based on market research and describes ''exactly'' '''how''' and '''when''' the funds would be utilized. The budget also provides a detailed (12 pages long!), well thought out plan with ''concrete goals'' and ''tangible deliverables'' in order to evaluate initiative success. The four initiatives include: Project Hosting, GPC Working Sessions, Project Support, and Project Incentives.

−

The Global Projects Committee 2011 Budget Proposal can be found [https://docs.google.com/a/owasp.org/document/d/11HjbUeJxyRbQ4Jg6Wg7LceMZox0wz3Fz-LUwjfam5eg/edit?hl=en here].

+

===Other Items===

−

= Committee Updates =

−

== '''Conferences''' ==

'''GCC Representative Roles and Responsibilities at Events'''

'''GCC Representative Roles and Responsibilities at Events'''

Line 92:

Line 89:

GPC Updates:

GPC Updates:

+

+

* '''Projects Committee 2011 Budget Proposal'''

+

The projects committee has drafted a [https://docs.google.com/a/owasp.org/document/d/11HjbUeJxyRbQ4Jg6Wg7LceMZox0wz3Fz-LUwjfam5eg/edit?hl=en detailed budget] proposal to support four (4) GPC initiatives. For each initiative, the budget outlines projected estimates based on market research and describes ''exactly'' '''how''' and '''when''' the funds would be utilized. The budget also provides a detailed (12 pages long!), well thought out plan with ''concrete goals'' and ''tangible deliverables'' in order to evaluate initiative success. The four initiatives include: Project Hosting, GPC Working Sessions, Project Support, and Project Incentives.

+

+

The Global Projects Committee 2011 Budget Proposal can be found [https://docs.google.com/a/owasp.org/document/d/11HjbUeJxyRbQ4Jg6Wg7LceMZox0wz3Fz-LUwjfam5eg/edit?hl=en here].

* The GPC has welcomed three (3) new members (Chris Schmidt, Justin Searle, and Larry Casey) and is looking forward to welcoming Keith Turpin upon completion of his application (Keith has already participated in GPC Meetings).

* The GPC has welcomed three (3) new members (Chris Schmidt, Justin Searle, and Larry Casey) and is looking forward to welcoming Keith Turpin upon completion of his application (Keith has already participated in GPC Meetings).

Line 102:

Line 104:

== Membership ==

== Membership ==

−

== Education ==

+

• We have two new members (Helen Gao, Ofer Maor) and both have a focus on expanding international participation. To increase international participation we are looking to possibly decrease the Individual Membership fees as well as explore different benefits that will make Membership more palatable / interesting to non-American and non-Western European individuals.

+

+

• In addition to increasing International Membership we are also looking to increase the number of Organizational Supporters from non-vendor companies. This is in-line with the Industry Committee’s reinvigorated focus on Industry participants.

+

+

• We are exploring the possibility of making an @owasp.org email address a membership benefit. In addition to being a benefit, this will also help to streamline communication to OWASP Members for “official” business such as voting.

+

+

• Next meeting is next Tuesday and that is when we will follow up on TODOs from the 2011 Summit.

I'm sorry I could not make this call. The connections committee is still at 2 members - and we are adding 2 soon.

+

+

We are:

+

+

1) Updating the OWASP blog

+

+

2) Running the OWASP twitter account

+

+

3) Handling any press inquiries and forwarding those to the right people and maintaining http://www.owasp.org/index.php/OWASP_Connections_Committee and http://www.owasp.org/index.php/Press

+

+

4) Running the podcast series (next show up this week)

+

+

We do not hold committee meetings. We hold "working sessions" on an constant but unscheduled basis.

+

+

== Education ==

+

+

Education Committee will be meeting in March.

+

+

== Chapters ==

+

+

+

= Other Foundation Business =

+

+

* '''Remove the "board member representative" requirement for the Global Committees. '''

+

+

This idea was intiated as a mechanism to provide the committeess with a "line" to the board. It has evolved, however, into a percieved "veto" option for the board. Instead, I recommend we implement a "requirement" for the Global Committee chair to present their committee progress to the Board during the meetings. This moves the requirement of participation from the Board and provides the Committee an opportunity to present items that require vote. Board members should be allowed to participate as a committee member, but should not be considered a committee chair or looked to as a committee member who has privelages above other committee members.

These three committees have initiatives for 2011 as defined during the summit. These initiatives will require many "tasks" that are time consuming and will require uninterrupted hours to complete. I would like the committee chair to "approve" the selection. These contracted staff will be supervised by me, the Operations Director. Tasks managed and outcomes tracked as directed by the committee chairs.

Is the OWASP Board going to continue working on the Core Values, Core Purpose, and so on, or is this going to be assigned to the Global Committee Chairs to finish?

+

+

* '''Status of New OWASP Hosting on Rackspace cloud.'''

+

+

Rackspace has agreed in principal to host OWASP for free on their cloud infrastructure. I have a meeting this week (March 10th) with the CTO & CISO to nail down the particulars and get an agreement in place.

Items for Approval

Local host chapters will share in OWASP event profits under the following schedule. In the case of multiple host chapters, the host chapters will be responsible for determining the division before the event.

The board had asked the GCC to discuss the funding mechanism for GCC
representation at events (GCC budget or against individual conferences).
This was discussed and voted upon at the Feb GCC meeting and the committee
decided that it would be best to manage these funds out of a GCC travel
budget for supporting events. The GCC felt that, as at the end of the day
it's all the foundation's money, the benefits of rolling this travel under
the conference budget (therefore showing more "expenses" to their budget,
allegedly encouraging them to earn more money to break "even") did not
outweigh the "perceived" costs of offering conferences direct on-site
support and then "charging" them for it. As the travel costs are likely to
have a small impact on a Global AppSec Budget (approx $2000/trip) it's not
likely going to impact the bottom line of the conference and would not
likely be the sole motivating factor for planners to get additional
sponsorship income. The potential soft costs to the ability of the GCC to
conduct it's oversight role may be significantly impacted by making the
planners pay a "tax" that is wholly internal to the organizations
accounting and has no real allocation. Additionally, in the cases where a
conference planner said "thanks but no thanks" to a GCC rep at their
conference, the larger goals of better contract management, event feedback
and assessments would not be achieved.

In short, the GCC recommends to the board that this funding stream be placed under the GCC budget as originally requested in the amount of $10,000.

Other Items

GCC Representative Roles and Responsibilities at Events

The GCC will now send a representative to all Global AppSec Events and to
other regional events as budget allows. This member of the GCC will be
identified early and assigned to liaise with the conference planners and
provide a single point of contact for interfacing with the committee. They
will also work with Dave to go through "training" for signature authority on
contracts less than or equal to $15,000 USD in the scope of the assigned
conference. While on-site the GCC representative will provide logistical,
contracting and other on-site support as well as report back to the
committee in the following areas (from the GCC 2011 Comprehensive plan):

GCC member shall:

interface with the local planning committee at least 1 month before trip (attend planning call)

Interact with planners/attendees while at conference

Interact with Sponsors

Sign conference contracts under $15,000 (once approved)

At the next GCC meeting the traveling member will be expected to

Provide an post trip report covering

Assessment of facility

Event Marketing Strategy

Examination of Event Budget

Estimation of Speaker Quality

Sponsor engagement/cost-effectiveness & feedback

Any notable comments from planners/attendees

Any unique outstanding elements

Any issues

Projects

GPC Updates:

Projects Committee 2011 Budget Proposal

The projects committee has drafted a detailed budget proposal to support four (4) GPC initiatives. For each initiative, the budget outlines projected estimates based on market research and describes exactlyhow and when the funds would be utilized. The budget also provides a detailed (12 pages long!), well thought out plan with concrete goals and tangible deliverables in order to evaluate initiative success. The four initiatives include: Project Hosting, GPC Working Sessions, Project Support, and Project Incentives.

The GPC has welcomed three (3) new members (Chris Schmidt, Justin Searle, and Larry Casey) and is looking forward to welcoming Keith Turpin upon completion of his application (Keith has already participated in GPC Meetings).

Membership

• We have two new members (Helen Gao, Ofer Maor) and both have a focus on expanding international participation. To increase international participation we are looking to possibly decrease the Individual Membership fees as well as explore different benefits that will make Membership more palatable / interesting to non-American and non-Western European individuals.

• In addition to increasing International Membership we are also looking to increase the number of Organizational Supporters from non-vendor companies. This is in-line with the Industry Committee’s reinvigorated focus on Industry participants.

• We are exploring the possibility of making an @owasp.org email address a membership benefit. In addition to being a benefit, this will also help to streamline communication to OWASP Members for “official” business such as voting.

• Next meeting is next Tuesday and that is when we will follow up on TODOs from the 2011 Summit.

We do not hold committee meetings. We hold "working sessions" on an constant but unscheduled basis.

Education

Education Committee will be meeting in March.

Chapters

Other Foundation Business

Remove the "board member representative" requirement for the Global Committees.

This idea was intiated as a mechanism to provide the committeess with a "line" to the board. It has evolved, however, into a percieved "veto" option for the board. Instead, I recommend we implement a "requirement" for the Global Committee chair to present their committee progress to the Board during the meetings. This moves the requirement of participation from the Board and provides the Committee an opportunity to present items that require vote. Board members should be allowed to participate as a committee member, but should not be considered a committee chair or looked to as a committee member who has privelages above other committee members.

Approve $5K in funding for the Global Membership, Global Conferences, and Global Chapter Committees for operational support

These three committees have initiatives for 2011 as defined during the summit. These initiatives will require many "tasks" that are time consuming and will require uninterrupted hours to complete. I would like the committee chair to "approve" the selection. These contracted staff will be supervised by me, the Operations Director. Tasks managed and outcomes tracked as directed by the committee chairs.

Is the OWASP Board going to continue working on the Core Values, Core Purpose, and so on, or is this going to be assigned to the Global Committee Chairs to finish?

Status of New OWASP Hosting on Rackspace cloud.

Rackspace has agreed in principal to host OWASP for free on their cloud infrastructure. I have a meeting this week (March 10th) with the CTO & CISO to nail down the particulars and get an agreement in place.